class TestHttpSigner(object):
def setUp(self):
self.none_signer = HttpSigner(None, HEADER)
self.http_signer = HttpSigner(SECRET, HEADER)
def test_none_signer_does_not_sign(self):
req = Request('GET', 'http://example.com')
req = self.none_signer(req)
assert HEADER not in req.headers
assert not self.http_signer.valid(req)
def test_none_signer_does_not_sign_request_auth(self):
req = Request('GET', 'http://example.com', auth=self.none_signer)
prepared = req.prepare()
assert HEADER not in prepared.headers
assert not self.http_signer.valid(req)
def test_signs_request_valid(self):
req = Request('GET', 'http://example.com')
req = self.http_signer(req)
assert req.headers.get(HEADER) == SECRET
assert self.http_signer.valid(req)
def test_signs_request_invalid(self):
req = Request('GET', 'http://example.com')
req.headers[HEADER] = 'not-my-secret-key'
assert req.headers.get(HEADER) != SECRET
assert not self.http_signer.valid(req)
def test_signs_request_auth(self):
req = Request('GET', 'http://example.com', auth=self.http_signer)
prepared = req.prepare()
assert prepared.headers.get(HEADER) == SECRET
assert self.http_signer.valid(prepared)
def setUp(self):
self.none_signer = HttpSigner(None, HEADER)
self.http_signer = HttpSigner(SECRET, HEADER)
def setup_http_signer(app):
global http_signer
from pybossa.http_signer import HttpSigner
secret = app.config.get('SIGNATURE_SECRET')
http_signer = HttpSigner(secret, 'X-Pybossa-Signature')